BlockRR: A Unified Framework of RR-type Algorithms for Label Differential Privacy
This work addresses label privacy in machine learning, offering a unified approach that simplifies analysis and improves performance in imbalanced settings, though it is incremental as it builds on existing RR-type mechanisms.
The paper tackles the problem of label differential privacy by introducing BlockRR, a unified randomized-response framework that generalizes existing mechanisms and ensures ε-label DP. Empirically, on CIFAR-10 variants, BlockRR achieves a better balance between test accuracy and per-class accuracy in high-to-moderate privacy regimes (ε ≤ 3.0), with no performance loss in low-privacy regimes (ε ≥ 4.0).
In this paper, we introduce BlockRR, a novel and unified randomized-response mechanism for label differential privacy. This framework generalizes existed RR-type mechanisms as special cases under specific parameter settings, which eliminates the need for separate, case-by-case analysis. Theoretically, we prove that BlockRR satisfies $ε$-label DP. We also design a partition method for BlockRR based on a weight matrix derived from label prior information; the parallel composition principle ensures that the composition of two such mechanisms remains $ε$-label DP. Empirically, we evaluate BlockRR on two variants of CIFAR-10 with varying degrees of class imbalance. Results show that in the high-privacy and moderate-privacy regimes ($ε\leq 3.0$), our propsed method gets a better balance between test accuaracy and the average of per-class accuracy. In the low-privacy regime ($ε\geq 4.0$), all methods reduce BlockRR to standard RR without additional performance loss.